The importance of PCI Compliance

Posted by: Duane Anderson

With future trends pushing more towards online shopping because of its sheer viral nature, and with more consumers becoming comfortable with online purchasing, there are important things to know as a merchant if you are either involved or plan to be involved in selling goods and services online. As expected, with the ongoing use of credit cards online there is an increased threat of fraud and other security risks that you need to be prepared for. There are steps that are necessary to protect you and your customers. So first and foremost:

What is PCI compliance? 

PCI stands for Payment Card Industry, and the standard is endorsed by the major card networks (Visa, MasterCard, Discover, and American Express). It is essentially a set of requirements that is in place to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. PCI compliance will vary from merchant to merchant, and the level of compliance required differs depending on the amount of business your establishment generates. However, no matter how much business you generate, it is now mandated that you be PCI compliant. Although it is not a federal law, merchants that do not comply with PCI may be subject to fines, card replacement costs, costly forensic audits, brand damage, etc., should a breach event occur.
For little upfront effort and cost to comply with PCI, you greatly reduce your risk of facing these extremely unpleasant and costly consequences. There are different levels of PCI compliance you can fall into, and Visa assigns each level its own mandate.

Level 1 - If a merchant processes over 6,000,000 transactions per year, you will be required to have an Annual Onsite Review by a Qualified Security Assessor (QSA) and a Quarterly Network Scan by an Approved Scanning Vendor (ASV).

Level 2 - If a merchant processes anywhere between 1,000,000 and 6,000,000 transactions per year, you will be required to complete an Annual Self-Assessment Questionnaire and a Quarterly Network Scan by an ASV.

Level 3 - If a merchant processes between 20,000 and 1,000,000 transactions per year, you will be required to complete an Annual Self-Assessment Questionnaire and a Quarterly Network Scan by an ASV.

Level 4 - If a merchant processes fewer than 20,000 transactions per year, you will be required to complete an Annual Self-Assessment Questionnaire and a Quarterly Network Scan by an ASV.

PCI compliance is crucial, with fines ranging from $5,000 to $100,000 per month for PCI compliance violations. One other thing to note: having an SSL certificate does not make you PCI compliant. Furthermore, it will not by itself prevent malicious attacks by hackers. Contact a QSA for additional guidance on a quarterly network scan and more advice on how to become PCI compliant. For more information on PCI compliance, visit http://www.pcicomplianceguide.org
